Improved Incident Response for an Aerospace and Defense Organization
Before Venafi: No key and certificate visibility; ad hoc issuance processes; slow remediation by each application administrator.
After Venafi: one-day incident response; validated replacement and policy compliance; 100% of keys and certificates inventoried and issued through Venafi; full Heartbleed remediation accomplished.
In the aerospace and defense industry, fast incident response is imperative. When breaches or outages occur, these organizations must be able to restore the business to a trusted state quickly. In this organization, server and application administrators issued and renewed keys and certificates as they saw fit, using various ad hoc methods. The IT security team had no visibility into these processes and were unable to ensure that provisioned keys and certificates conformed to security policies.
With attacks that use keys and certificates on the rise, the organization knew it needed centralized, policy-enforced key and certificate management that would both reduce risk and enable fast incident response when attacks did occur.
The Venafi Difference
With Venafi, the team was able to inventory 100% of its keys and certificates and shorten their incident response time to just one day, including validation of successful key and certificate replacement.
Once these incident response capabilities were in place, the organization was able to fully and effectively remediate Heartbleed, when this vulnerability was identified, by quickly replacing all keys and certificates.